package cn.com.chec.en.controller.front;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import cn.com.chec.en.dao.UserInfoDao;
import cn.com.chec.en.model.domain.RightInfo;
import cn.com.chec.en.model.domain.UserInfo;
import cn.com.chec.en.util.BlowFish;

@Controller
public class LoginFrontController {
	protected static final Logger logger = Logger
			.getLogger(LoginFrontController.class);

	@Resource
	private UserInfoDao userInfoDao;

	@Resource
	private Map<String, Object> environment;

	@RequestMapping(value = { "/logon" }, method = { org.springframework.web.bind.annotation.RequestMethod.GET })
	public ModelAndView login(HttpServletRequest request,
			HttpServletResponse response, ModelMap map) throws Exception {
		response.setContentType("image/jpeg");
		response.setHeader("Pragma", "No-cache");
		response.setHeader("Cache-Control", "no-cache");
		response.setDateHeader("Expires", 0L);

		map.put("message", "");
		return new ModelAndView("login");
	}

	@RequestMapping({ "/login" })
	public ModelAndView index(HttpServletRequest request,
			HttpServletResponse response, ModelMap map) throws Exception {
		String message = "";
		String viewName = "login";
		ModelAndView mav = new ModelAndView();
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		String verifyCode = request.getParameter("verifyCode");
		HttpSession session = request.getSession();
		String code = (String) session.getAttribute("verifyCode");

		String sid = request.getParameter("sid");
		if (StringUtils.isNotBlank(sid)) {
			BlowFish bf = new BlowFish("34b643c6b5144ec594b0df734d311399");
			sid = bf.decryptString(sid);
			if (StringUtils.indexOf(sid, "~~") > -1) {
				username = StringUtils.split(sid, "~~")[0];
				password = StringUtils.split(sid, "~~")[1];
				verifyCode = code = "1234";
			}

		}

		if ((StringUtils.isBlank(verifyCode))
				|| (!StringUtils.equals(verifyCode, code))) {
			message = "验证码错误!";
		} else if ((StringUtils.isNotBlank(username))
				&& (StringUtils.isNotBlank(password))) {
			UserInfo userInfo = StringUtils.isBlank(sid) ? this.userInfoDao
					.userLogin(username, password) : this.userInfoDao
					.userLoginNoMd5(username, password);
			if (userInfo == null) {
				message = "登录失败!";
			} else {
				request.getSession().setAttribute("systemUserInfo", userInfo);

				List<RightInfo> riList = userInfo.getRoleInfo().getRights();
				List<String> pg = new ArrayList<String>();
				for (RightInfo r : riList) {
					pg.add(r.getRightValue());
				}
				request.getSession().setAttribute("systemUserRigthList", pg);
				map.put("userInfo", userInfo);
				viewName = "admin/index";
			}
		} else {
			message = "输入不能为空!";
		}

		map.put("message", message);
		map.putAll(this.environment);
		mav.setViewName(viewName);
		mav.addAllObjects(map);
		return mav;
	}
}